With the increasing popularity of mobile devices (for example, smart phones), more users are utilizing their mobile devices to access different types of services over the Internet. For example, there is a trend towards allowing users to interact with banking services and/or networking sites using mobile devices. However, numerous security concerns arise when a user accesses the Internet using a mobile device. In particular, some websites may include malware and/or spyware which may be configured to capture confidential and/or sensitive information/data stored on and/or entered through a mobile device.
A secure communications line is a communications line between two access points that provides communication security. Further, an unsecure communications line is any line connecting the two access points without applying any communication security mechanisms.
In operation, a user may want to transmit or receive data of two different types (for example, sensitive and non-sensitive data). If the user wants to transmit or receive non-sensitive data, it can be transmitted or received in an unsecure manner, meaning that an unintended recipient may have access to the data. For example, if the non-sensitive data is transmitted in an unencrypted form, an unintended recipient may access the data while it is being transmitted from the user to the intended recipient. It is possible, at the user's request, to send non-sensitive data in a secure form, but it is not necessary.
If a user is transmitting or receiving data that is sensitive, it must be transmitted or received in a secure manner, meaning that an unintended recipient should not have access to the data. For example, if the sensitive data is transmitted in an encrypted form, an unintended recipient may access the encrypted data while it is being transmitted from the user to the intended recipient. However, in such a case, the unintended recipient may not be able to decrypt the encrypted data. All sensitive data that is transmitted in a secure manner is transmitted over a secure transmission network.
In conventional wireless communication systems there is no way to differentiate between sensitive and non-sensitive data. Further, the data that is being transmitted is already encoded when it reaches the network, so the network has no way of distinguishing between data types. To achieve secure transmission of a user's sensitive data, all of the user's data must be treated as sensitive. In other words, a user may transmit all data in the secure manner over the secure network or the user may transmit all data in the unsecure manner over the unsecure network.
This on/off method of security is very inefficient because a user may be transmitting or receiving only one type of data that is sensitive while the other types may be non-sensitive. Likewise, one set of users may want to transmit or receive sensitive data as well as non-sensitive data, while another set of users does not transmit or receive any sensitive data but only non-sensitive data. For example, if a user is transmitting or receiving sensitive voice data, non-sensitive text data, and non-sensitive internet data, the user will transmit or receive all three types of data through the secure network to ensure that the sensitive voice data will remain secure. As such, all three types will be treated as sensitive data and transmitted in the secure manner because networks lack the ability to differentiate them and protect only the sensitive data.
At the same time, when the user uses a smart phone for internet access, different applications may be running simultaneously and each application may have different security requirements. It may be important to secure a VoIP call, while browsing a web page or downloading a video stream at the same time need not be secured. Further, applying security protection to each application running on the smart phone consumes battery power. Some applications (like bank transactions) require protection and some applications may not require the security protection.
However, the current method of transmitting or receiving data securely in a wireless communication system has limitations. There is no way to differentiate sensitive data from non-sensitive data and apply security to only selected data. Current communications networks have no way to protect data selectively, such as by applying security to only sensitive data. This is a very inefficient method of transmitting sensitive data.
For the abovementioned reasons, it is evident that the existing system applies security to all data irrespective of whether that data needs to be protected. As a result, the existing system fails to conserve battery power through selective protection.
In light of the above discussion, it is desirable to have a method and system that provides a security mechanism for dynamically switching the user plane protection on and off based on user or network policy or application requirement.